Battle Programmer YuuNew Phrack 71 Call For Papers just dropped.
Check it out here: http://phrack.org
ghozt
- 15 Followers
- 23 Following
- 31 Posts
raptor 
CVE-2023-6246: Heap-based buffer #overflow in the #glibc's syslog()
* another awesome advisory by @qualys
* love the reference to @solardiz’s exploit from 1997 and the link to insecure.org exploit db (blast from the past!)
* snprintf() return value behavior is a common source of bugs (https://github.com/0xdea/semgrep-rules/blob/main/c/unsafe-ret-snprintf-vsnprintf.yaml)
* in awe of the exploit development strategy 🤩
0xor0neCollection of links to blog posts, write-ups and papers related to cybersecurity, reverse engineering and exploitation
https://github.com/0xor0ne/awesome-list/blob/main/topics/cybersec.md
Excellent writeup on reverse engineering #Rust binaries by Ben Herzog
https://research.checkpoint.com/2023/rust-binary-analysis-feature-by-feature/
Rust Binary Analysis, Feature by Feature - Check Point Research
Problem Statement You attempt to analyze a binary file compiled in the Rust programming language. You open the file in your favorite disassembler. Twenty minutes later you wish you had never been born. You’ve trained yourself to think like g++ and msvc: Here’s a loop, there’s a vtable, that’s a global variable, a library function, an exception. Now […]
Just release a small BinaryNinja plugin to identify and tag xor operations https://github.com/9hozt/xorfinder
#BinaryNinja #reverseengineering
#BinaryNinja #reverseengineering
Hannu KlemettiHello Mastodon and infosec.exchange!
I'm a technical generalist with history in software development. Mostly I'm writing code, but I tend to hold many hats from C-suite to fiddling with technical bits and pieces on software or cloud environments. I come equipped with keen interest in securing things and following up on latest happenings in infosec space.
Here I'll be most likely posting or commenting about:
- Information security news and tidbits focusing on things that potentially affect small businesses (daytime me with collared shirt on)
- Stuff related to AWS or software development - some things you usually either love or hate. (daytime me on a t-shirt coding on Friday afternoon)
- Cyber security nerdism (night-time me losing my mind on first steps of an online CTF)
- Highlights and/or frustrations about technology (who doesn't?)
- Probably some GDPR/regulatory highlights (occasional CISO in me)
And this is the last bullet point list from me here. If you catch me using one again, I'll buy you a lunch.
Binary NinjaIf you prefer to see function+offset or section+offset at the current location, you can change the bottom status by clicking it and selecting "Display Format".
As an added bonus you can use it to quickly copy the current location (or selection) in many formats too!
🌠0️⃣1️⃣🥷
Excellent guide on ARM64 (AArch64) assembly programming
https://modexp.wordpress.com/2018/10/30/arm64-assembly/?ref=0xor0ne.xyz
Really cool video series about BinaryNinja basics and scripting by @ficti0n https://console-cowboys.blogspot.com/2024/01/learning-binary-ninja-for-reverse.html check it out !
